Identity management is a critical component of IT infrastructure and security, especially in the wake of the cloud. In this post we break down and explore the five key elements of identity and user lifecycle management. How many of these areas have you adopted in your organisation? (Comment below)
1. User provisioning and system integration
The majority of applications need to know things about the users they’re supporting, such as first and last name, email address, and the name of their organisation. However, for applications to unlock their full potential, and for disparate systems to integrate intelligently, there is a wide range of extended attributes that can also be transferred and synchronised between systems. Integrating systems can have a wide range of benefits: increased security, improved data quality, higher efficiency, and a reduced burden and cost of manual tasks. It can even unlock potential that your systems cannot achieve independently. To make the most of identity management, you need to view the full spectrum of attributes, not just the core user credentials.
2. User Lifecycle Management
To make sense of identity management, and to abstract some of its complexity away, administrators tend to group users together. In Active Directory there are a few different ways of filtering and grouping users, including security groups and OUs. In the IAM Cloud platform, we use ‘classifications’.
Unlike Active Directory, which is a static system, IAM Cloud classifications are dynamic. A single change in attribute, which could be synchronised across from Active Directory or a management information system, could trigger the user being appropriately reclassified. This gives great power to user lifecycle management, especially in dynamic environments where there is a wide range of different requirements, and where large numbers of users frequently transition between roles, e.g. college applicants, to students, to alumni. The diagram below shows an example scenario of how user lifecycle management could be structured for students in a university with IAM Cloud.
Our classification system provides an excellent method for user lifecycle management, but there are often edge cases that need more sophisticated solutions. The IAM Cloud platform has a system called the ‘rules engine’ that provides enormously granular control over identity, access and other IAM Cloud features.
The rules engine creates rules and exceptions based on programmatic logic, which can cater for more or less any requirement imaginable.
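The sketch below is an added example, not IAM Cloud code: it shows how a synchronised attribute change can drive reclassification, with an exception rule taking precedence over the general lifecycle cases, and what access is granted or revoked as a result. All attribute, classification and entitlement names are hypothetical.

```python
# Added illustration, not IAM Cloud code; all names here are hypothetical.
# Ordered rules, first match wins; the hold exception precedes the general cases.
RULES = [
    ("suspended", lambda u: u.get("account_hold") is True),
    ("alumni",    lambda u: u.get("enrolment_status") == "graduated"),
    ("student",   lambda u: u.get("enrolment_status") == "enrolled"),
    ("applicant", lambda u: u.get("enrolment_status") == "applied"),
]

# Access attached to each classification (constructed sample data).
ENTITLEMENTS = {
    "applicant": {"admissions_portal"},
    "student": {"email", "vle", "library"},
    "alumni": {"email", "alumni_network"},
    "suspended": set(),
    "unclassified": set(),
}

def classify(user):
    """Return the first matching classification; no match means no access."""
    for name, predicate in RULES:
        if predicate(user):
            return name
    return "unclassified"

def apply_sync(user, changes):
    """Merge synchronised attribute changes and return (user, audit event)."""
    before = classify(user)
    updated = {**user, **changes}
    after = classify(updated)
    old, new = ENTITLEMENTS[before], ENTITLEMENTS[after]
    event = {"user": updated["id"], "from": before, "to": after,
             "grant": sorted(new - old), "revoke": sorted(old - new)}
    return updated, event

def run_lifecycle(user, feed):
    """Replay a feed of attribute changes, collecting one event per change."""
    events = []
    for changes in feed:
        user, event = apply_sync(user, changes)
        events.append(event)
    return user, events

if __name__ == "__main__":
    # Constructed feed: admit, place a hold, lift it, graduate.
    feed = [{"enrolment_status": "enrolled"}, {"account_hold": True},
            {"account_hold": False}, {"enrolment_status": "graduated"}]
    for e in run_lifecycle({"id": "u1001", "enrolment_status": "applied"}, feed)[1]:
        print(e)
```

The `revoke` list on each event is the part worth logging and reviewing: it shows that access from the previous role is withdrawn at the moment of reclassification, and that a user whose attributes match no rule ends up with no access.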
4. Attribute and password management
Identities are made of attributes. An important element of identity management is managing these attributes to ensure they are free of errors, secure and kept up-to-date. This can be a significant maintenance challenge for IT Teams - especially regarding passwords. The IAM Cloud platform allows users to self-administer their passwords and other attributes, which can remove a huge burden from IT helpdesks.
5. Identity security
Identity credentials are some of the most sensitive and critical data stored by organisations. Keeping them secure is essential. As such, identity management systems form part of an organisation’s information security infrastructure.
We worked with Gartner and Microsoft security analysts to build an identity platform with industry-leading security, and our efforts were noted by Microsoft when they named us their Worldwide Education Partner of the Year 2015.
To find out more about our Identity and User Lifecycle Management, including our solutions-led approach to it all, download the guide below.